Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cf/689d05-1b14-4f9b-8e7c-371ac7c654da/1/oYNGitFuaZjU23dpvvv6BuofE0I.mft
File:                     oYNGitFuaZjU23dpvvv6BuofE0I.mft (raw, json)
Hash identifier:          buZAdFAMMb5lgwEcFwnqvRQcV2susjD579eObAaK9lI=
Subject key identifier:   76:C9:D8:1A:1A:F2:F5:3D:07:1C:B8:F0:F7:0F:7C:3D:A5:5D:7F:36
Authority key identifier: A1:83:46:8A:D1:6E:69:98:D4:DB:77:69:BE:FB:FA:06:EA:1F:13:42
Certificate issuer:       /CN=a183468ad16e6998d4db7769befbfa06ea1f1342
Certificate serial:       019D99D05C4CC5EE86C3C428FF803DCBAEC1
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/oYNGitFuaZjU23dpvvv6BuofE0I.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/cf/689d05-1b14-4f9b-8e7c-371ac7c654da/1/oYNGitFuaZjU23dpvvv6BuofE0I.mft
Manifest number:          123D
Signing time:             Fri 17 Apr 2026 05:01:02 +0000
Manifest this update:     Fri 17 Apr 2026 05:01:02 +0000
Manifest next update:     Sat 18 Apr 2026 05:01:02 +0000
Files and hashes:         1: oYNGitFuaZjU23dpvvv6BuofE0I.crl (hash: ekiQZv/z9gBBnSf2DUChMs9L9yqEGteX38KFU8RoGVE=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/cf/689d05-1b14-4f9b-8e7c-371ac7c654da/1/oYNGitFuaZjU23dpvvv6BuofE0I.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/cf/689d05-1b14-4f9b-8e7c-371ac7c654da/1/oYNGitFuaZjU23dpvvv6BuofE0I.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/oYNGitFuaZjU23dpvvv6BuofE0I.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 18 Apr 2026 05:01:02 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:99:d0:5c:4c:c5:ee:86:c3:c4:28:ff:80:3d:cb:ae:c1
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a183468ad16e6998d4db7769befbfa06ea1f1342
        Validity
            Not Before: Apr 17 05:01:02 2026 GMT
            Not After : Apr 18 05:01:02 2026 GMT
        Subject: CN=76c9d81a1af2f53d071cb8f0f70f7c3da55d7f36
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ac:65:a2:74:16:a1:32:4e:00:16:84:e9:3c:ab:
                    cd:47:8a:ac:5c:3a:d5:c2:ed:06:23:5d:ad:82:56:
                    8f:2b:06:4c:55:b3:2a:d8:1e:d8:c8:45:ce:42:d8:
                    a4:97:af:d6:53:d2:e9:f0:3a:92:49:54:61:01:9b:
                    3a:9e:bd:d3:fc:5c:4a:25:a9:6e:c1:f1:04:81:65:
                    38:7b:43:a7:16:ce:84:d5:ef:9a:40:25:de:ef:c0:
                    79:42:88:e6:e4:37:a1:44:d8:4d:f8:2f:58:2c:73:
                    24:f3:79:04:9c:47:18:11:90:b0:ed:37:d6:49:90:
                    6c:2f:cc:10:8a:e9:dc:91:68:a1:c7:cf:0a:68:93:
                    0d:08:90:1a:7d:e8:84:38:52:38:77:f1:a5:a2:51:
                    60:45:0a:e9:4e:22:af:f1:23:e2:72:a6:c5:02:63:
                    90:80:b6:80:f0:e0:8c:b1:99:c2:49:6b:6a:29:df:
                    49:35:df:60:fe:71:14:7f:2e:ca:a1:d4:7f:1f:5a:
                    2b:5d:a5:1f:30:f8:a7:e7:fe:c0:dc:80:d2:85:c2:
                    06:4f:dd:6d:cd:97:18:10:1a:c1:18:52:04:cf:c9:
                    9c:e2:f4:99:69:92:e4:5c:8a:16:6d:7a:59:7b:9e:
                    3b:2e:da:14:aa:6b:6f:28:44:c5:49:86:a6:09:25:
                    6e:df
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                76:C9:D8:1A:1A:F2:F5:3D:07:1C:B8:F0:F7:0F:7C:3D:A5:5D:7F:36
            X509v3 Authority Key Identifier:
                keyid:A1:83:46:8A:D1:6E:69:98:D4:DB:77:69:BE:FB:FA:06:EA:1F:13:42

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oYNGitFuaZjU23dpvvv6BuofE0I.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cf/689d05-1b14-4f9b-8e7c-371ac7c654da/1/oYNGitFuaZjU23dpvvv6BuofE0I.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/cf/689d05-1b14-4f9b-8e7c-371ac7c654da/1/oYNGitFuaZjU23dpvvv6BuofE0I.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         63:cc:35:0d:8a:14:6a:8a:eb:94:66:f1:84:a2:43:34:dd:64:
         bf:dd:ed:c2:22:ef:76:9b:04:f3:61:f1:62:6c:54:63:69:d5:
         1d:5a:42:c1:85:e6:94:6c:11:c1:9e:17:1e:5f:e9:73:7e:eb:
         78:5e:50:70:a6:51:7d:c8:0d:ac:ce:02:c3:92:04:7d:39:8f:
         44:b2:00:5a:84:88:1d:57:bb:c0:9a:d3:78:29:07:06:d9:0b:
         73:a3:71:33:65:e4:49:6c:ea:f9:36:62:fa:ae:2b:6d:57:4b:
         2a:80:59:71:8e:1f:e0:fa:83:89:f3:72:64:ac:5d:30:b2:73:
         2b:b4:8d:15:ef:a0:2e:e3:bc:ea:28:5b:a8:c2:68:0a:63:f4:
         9b:09:26:fc:5b:3b:e2:e7:b9:37:75:ae:d5:29:83:ab:07:6f:
         4a:d4:89:aa:1d:ff:aa:44:a5:10:51:47:33:5c:ca:0b:0b:11:
         c2:71:ad:1b:13:92:aa:19:80:5e:3d:f8:fa:55:3f:db:5d:0d:
         28:30:d9:2c:c3:21:12:de:d1:de:74:d7:eb:ae:94:db:de:4c:
         1b:ae:22:98:6e:60:21:4a:4e:97:6a:d4:40:db:7d:b9:2c:04:
         b4:5b:21:af:35:f7:05:83:e9:81:2c:9f:f0:45:b9:eb:70:40:
         5b:46:f8:1c
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2Z0FxMxe6Gw8Qo/4A9y67BMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGExODM0NjhhZDE2ZTY5OThkNGRiNzc2OWJlZmJmYTA2ZWEx
ZjEzNDIwHhcNMjYwNDE3MDUwMTAyWhcNMjYwNDE4MDUwMTAyWjAzMTEwLwYDVQQD
Eyg3NmM5ZDgxYTFhZjJmNTNkMDcxY2I4ZjBmNzBmN2MzZGE1NWQ3ZjM2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArGWidBahMk4AFoTpPKvNR4qsXDrV
wu0GI12tglaPKwZMVbMq2B7YyEXOQtikl6/WU9Lp8DqSSVRhAZs6nr3T/FxKJalu
wfEEgWU4e0OnFs6E1e+aQCXe78B5Qojm5DehRNhN+C9YLHMk83kEnEcYEZCw7TfW
SZBsL8wQiunckWihx88KaJMNCJAafeiEOFI4d/GlolFgRQrpTiKv8SPicqbFAmOQ
gLaA8OCMsZnCSWtqKd9JNd9g/nEUfy7KodR/H1orXaUfMPin5/7A3IDShcIGT91t
zZcYEBrBGFIEz8mc4vSZaZLkXIoWbXpZe547LtoUqmtvKETFSYamCSVu3wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHbJ2Boa8vU9Bxy48PcPfD2lXX82MB8GA1UdIwQY
MBaAFKGDRorRbmmY1Nt3ab77+gbqHxNCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb1lOR2l0RnVhWmpVMjNkcHZ2djZCdW9mRTBJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZi82ODlkMDUtMWIxNC00ZjliLThlN2Mt
MzcxYWM3YzY1NGRhLzEvb1lOR2l0RnVhWmpVMjNkcHZ2djZCdW9mRTBJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZi82ODlkMDUtMWIxNC00ZjliLThlN2MtMzcxYWM3YzY1NGRh
LzEvb1lOR2l0RnVhWmpVMjNkcHZ2djZCdW9mRTBJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAY8w1DYoU
aorrlGbxhKJDNN1kv93twiLvdpsE82HxYmxUY2nVHVpCwYXmlGwRwZ4XHl/pc37r
eF5QcKZRfcgNrM4Cw5IEfTmPRLIAWoSIHVe7wJrTeCkHBtkLc6NxM2XkSWzq+TZi
+q4rbVdLKoBZcY4f4PqDifNyZKxdMLJzK7SNFe+gLuO86ihbqMJoCmP0mwkm/Fs7
4ue5N3Wu1SmDqwdvStSJqh3/qkSlEFFHM1zKCwsRwnGtGxOSqhmAXj34+lU/210N
KDDZLMMhEt7R3nTX666U295MG64imG5gIUpOl2rUQNt9uSwEtFshrzX3BYPpgSyf
8EW563BAW0b4HA==
-----END CERTIFICATE-----